Friday, 5 August 2011

Mobile banking: Will you be hacked?

You're in the store trying on a stunning but outrageously priced shirt. You have to have them, and your hand has already palmed your debit card--but wait! Did your mortgage payment clear your money market account yet?

You could whip out your smart phone and check your balance using your bank's app, and maybe make a quick transfer between accounts. If you access your bank account information on your mobile phone, are you jeopardizing the security of your checking and savings accounts ?

No, you're not, says Phil Blank, managing director of security, risk and fraud at Javelin Strategy and Research--not as long as you exercise some basic online street smarts.

"All you need to do is use a little common sense," Blank says.

Consumers worried about mobile banking securityIf you think twice before accessing banking information on your smart phone, you're not alone. Even though smart phone adoption has jumped, more consumers with mobile banking capabilities are concerned that sharing personal financial information on their phones will open themselves to hacking and fraudulent activity.

According to a 2010 Javelin survey, about 40 percent of smart phone owners said mobile banking made them nervous--up dramatically from 26 percent in 2009.

"It's very clear to us that people are saying, 'I am nervous about using my smart phone to bank,'" Blank says.

In Blank's estimation, financial institutions must address this perception quickly, or else many consumers will never take advantage of mobile banking.

Banks: We've made mobile banking safeMarc Warshawsky, senior vice president of mobile channel planning and design at Bank of America, says its customers have no reason to worry about their financial information being stolen--whether they're using their computer or their smart phone to bank.

"We've taken the necessary steps to minimize any risk to their accounts, whether they access them on their mobile phone or from their computers," he says.

Besides, Warshawsky says, should something happen and their phones are hacked, customers of Bank of America would be protected by its zero-liability guarantee. "They would not be responsible for any unauthorized charges to their debit cards, credit cards or accounts," he says.

Smart banking on your smart phoneIf you're still unsure, here's what Blank and Warshawsky say you need to do to be sure the transactions you make using your smart phones are safe:

Do…
Stick to your bank's apps for mobile banking or trusted, well-reviewed third-party personal finance apps. Download them directly from the app store for your phone's type--iPhone, Android, etc.
Treat your smart phone as if it's a PC. "I really hate the term 'smart phone,'" Blank says, "because what it really is is a PC that happens to make phone calls. If you look at your phone that way, you're minimizing your risks." For instance, install antivirus software on your phone as you would your PC.
Monitor the whereabouts of your phone. One big difference between your phone and your desktop computer is that the latter is much less likely to fall out of your pocket or purse. Check every so often to make sure your smart phone is on you when you're out and about.
Don't…
Use public Wi-Fi access to conduct your banking business. You can't be sure they're secure, Blank says. Opt for wireless networks that require a network security key or have some other form of security.
Be the first in line to use your bank's new app. "Wait until it's been about 30 to 40 days and then go and download it," Blank advises. The reason? Sometimes early versions of apps contain malware or are not safe.
Leave the keys in plain sight. Never send a text message on your phone containing sensitive information such as your Social Security number or checking account and savings accounts numbers or even your passwords to log into them. "We don't give the customer the option to store anything sensitive on their phones," Warshawsky says. "That's for their own protection."
Be fooled by emails or text messages asking for personal information. Often, these "phishing" messages claim to be from your bank and ask for personal information or ask you to click on certain links to update account information. "We would never ask you to provide your ID or password over digital communications," Warshawsky says. You should also avoid visiting any websites that you don't know anything about.
Using your phone to bank on the go can be a great convenience. As long as you're smart about it, says Blank, there's no reason you shouldn't access your bank accounts through your smart phone.

The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of The NASDAQ OMX Group, Inc.